Abstract: Support for dynamic behavior is provided during static compilation while reducing reliance on JIT compilation and large runtimes. A mapping is created between metadata and native code runtime artifacts, such as between type definition metadata and a runtime type description, or between method definition metadata, a runtime type description, and a native code method location, or field definition metadata, a runtime type description, and a field location. A mapping between runtime artifacts may also be created. Some compilation results include trampoline code to support a reflection invocation of an artifact in the reduced runtime support environment, for virtual method calls, call-time bounds checking, calling convention conversion, or compiler-intrinsic methods. Some results support runtime diagnostics by including certain metadata even when full dynamic behavior is not supported.

Abstract: Support for dynamic behavior is provided during static compilation while reducing reliance on JIT compilation and large runtimes. A mapping is created between metadata and native code runtime artifacts, such as between type definition metadata and a runtime type description, or between method definition metadata, a runtime type description, and a native code method location, or field definition metadata, a runtime type description, and a field location. A mapping between runtime artifacts may also be created. Some compilation results include trampoline code to support a reflection invocation of an artifact in the reduced runtime support environment, for virtual method calls, call-time bounds checking, calling convention conversion, or compiler-intrinsic methods. Some results support runtime diagnostics by including certain metadata even when full dynamic behavior is not supported.

Abstract: Support for dynamic behavior is specified while reducing reliance on JIT compilation and large runtimes; semantic characteristics are selectively attached to types and type members outside source code. A directives document contains human-readable directives in a parsable format for submission to an innovative compiler. The directives specify whether a type T or type member M is required, optional, or prohibited in a runtime environment. Some reference an application, library, assembly, or namespace group, and others reference group components: type, type instantiation, method, method instantiation, field, property, or event. Some directives force a generic instantiation. Some directives indirectly reference a type through a parameter, type parameter, or generic directive. Some directives reference degrees to manage runtime activation of type instances, runtime introspection over types, reflection, and/or runtime or static serialization.

Abstract: The present invention extends to methods, systems, and computer program products for controlling runtime access to application programming interfaces Embodiments of the invention allow library developers to more precisely and easily control which of their libraries' APIs can be called dynamically. Thus, their servicing and versioning burden can be more appropriately controlled. Further, application developers can control which such APIs to further exclude from dynamic calling scenarios, to minimize the runtime support overhead (e.g., preventing generation of metadata).

Abstract: The present invention extends to methods, systems, and computer program products for controlling runtime access to application programming interfaces Embodiments of the invention allow library developers to more precisely and easily control which of their libraries' APIs can be called dynamically. Thus, their servicing and versioning burden can be more appropriately controlled. Further, application developers can control which such APIs to further exclude from dynamic calling scenarios, to minimize the runtime support overhead (e.g., preventing generation of metadata).

Abstract: The present invention extends to methods, systems, and computer program products for controlling runtime access to application programming interfaces Embodiments of the invention allow library developers to more precisely and easily control which of their libraries' APIs can be called dynamically. Thus, their servicing and versioning burden can be more appropriately controlled. Further, application developers can control which such APIs to further exclude from dynamic calling scenarios, to minimize the runtime support overhead (e.g., preventing generation of metadata).

Abstract: A security program code generator is configured to automatically generate program code used to perform one or more validation checks of components operating in user mode. In one implementation, for example, the program code generator receives one or more files that include declarative values and parameters regarding one or more function calls made by any user mode component. The program code generator then takes the file of declarative call descriptions and automatically generates a user mode stub and a kernel mode stub for each function call of interest to be handled by a kernel mode component. The file(s) that include the user mode stub and the kernel mode stub can then be compiled and linked into the operating system components.

Abstract: Sensitive data structures, such as type data structures, can be used by untrusted application programs without necessarily exposing the sensitive data structures directly. For example, untrusted components, such as application programs that may or may not be type safe, can be allowed to operate in a lower-privilege mode. In addition, the application programs can be associated with an address space with limited permissions (e.g., read-only) to a shared memory heap. Requests by the untrusted components for sensitive data structures can then be handled by trusted components operating in a higher-privilege mode, which may have broader permissions to the shared memory heap. If the requests by the untrusted components are deemed to be valid, the results of the requests can be shared with the lower-privilege mode components through the shared memory heap.

Abstract: Unsafe application programs that implement managed code can be executed in a secure fashion. In particular, an operating system can be configured to execute an application program in user mode, but handle managed code compilation through a type-safe JIT compiler operating in kernel mode. The operating system can also designate a single memory location to be accessed through multiple address spaces with different permission sets. An application program operating in user mode can be executed in the read/execute address space, while the JIT compiler operates in a read/write address space. When encountering one or more pointers to intermediate language code, the application runtime can send one or more compilation requests to a kernel mode security component, which validates the requests. If validated, the JIT compiler will compile the requested intermediate language code, and the application program can access the compiled code from a shared memory heap.

Abstract: A security program code generator is configured to automatically generate program code used to perform one or more validation checks of components operating in user mode. In one implementation, for example, the program code generator receives one or more files that include declarative values and parameters regarding one or more function calls made by any user mode component. The program code generator then takes the file of declarative call descriptions and automatically generates a user mode stub and a kernel mode stub for each function call of interest to be handled by a kernel mode component. The file(s) that include the user mode stub and the kernel mode stub can then be compiled and linked into the operating system components.

Abstract: Sensitive data structures, such as type data structures, can be used by untrusted application programs without necessarily exposing the sensitive data structures directly. For example, untrusted components, such as application programs that may or may not be type safe, can be allowed to operate in a lower-privilege mode. In addition, the application programs can be associated with an address space with limited permissions (e.g., read-only) to a shared memory heap. Requests by the untrusted components for sensitive data structures can then be handled by trusted components operating in a higher-privilege mode, which may have broader permissions to the shared memory heap. If the requests by the untrusted components are deemed to be valid, the results of the requests can be shared with the lower-privilege mode components through the shared memory heap.